Skip to content

abnormal_security,aws_bedrock,crowdstrike,nvidia_gpu: add required variables in system tests #15832

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

abnormal_security,aws_bedrock,crowdstrike,nvidia_gpu: add required variables in system tests #15832

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a7289b3
Fix system tests
moxarth-rathod Oct 31, 2025
9974cb2
Address PR comments
moxarth-rathod Nov 5, 2025
43300a2
make `wait_interval` parameter as optional
moxarth-rathod Nov 5, 2025
1e97e4f
Use empty list instead of empty string
moxarth-rathod Nov 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/abnormal_security/data_stream/ai_security_mailbox_not_analyzed/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ streams:
type: text
title: Recent Message Grace Interval
multi: false
required: true
required: false
show_user: true
description: How long to wait before attempting to collect recent messages. This option allows the Abnormal AI API to complete analysis of messages before the agent attempts to collect them. This should not be greater than the initial interval. Supported units for this parameter are h/m/s.
- name: interval
Expand Down
12 changes: 6 additions & 6 deletions packages/abnormal_security/data_stream/ai_security_mailbox_not_analyzed/sample_event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,22 +17,22 @@
}
},
"agent": {
"ephemeral_id": "835b49c2-b5f8-4cd3-9915-0257c60f59ad",
"id": "129fb3a1-34d7-4b0f-8248-d13d3a7d46f6",
"name": "elastic-agent-18300",
"ephemeral_id": "ea5725c7-abdf-4082-aa3f-38a44243aced",
"id": "bde1501c-c6c1-49fe-9125-c805f917c934",
"name": "elastic-agent-45073",
"type": "filebeat",
"version": "8.19.0"
},
"data_stream": {
"dataset": "abnormal_security.ai_security_mailbox_not_analyzed",
"namespace": "26882",
"namespace": "98484",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "129fb3a1-34d7-4b0f-8248-d13d3a7d46f6",
"id": "bde1501c-c6c1-49fe-9125-c805f917c934",
"snapshot": false,
"version": "8.19.0"
},
Expand All @@ -51,7 +51,7 @@
],
"dataset": "abnormal_security.ai_security_mailbox_not_analyzed",
"id": "-1234567891234567891",
"ingested": "2025-09-16T10:25:44Z",
"ingested": "2025-10-30T07:35:02Z",
"kind": "event",
"original": "{\"abx_message_id\":-1234567891234567891,\"not_analyzed_reason\":\"PHISHING_SIMULATION\",\"recipient\":{\"email\":\"[email protected]\",\"name\":\"Phishing Test\"},\"reported_datetime\":\"2025-03-04T17:03:55Z\",\"reporter\":{\"email\":\"[email protected]\",\"name\":\"Info Test\"},\"subject\":\"Fwd: Forwarded email\"}",
"reason": "PHISHING_SIMULATION",
Expand Down
12 changes: 6 additions & 6 deletions packages/abnormal_security/docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,22 +219,22 @@ An example event for `ai_security_mailbox_not_analyzed` looks as following:
}
},
"agent": {
"ephemeral_id": "835b49c2-b5f8-4cd3-9915-0257c60f59ad",
"id": "129fb3a1-34d7-4b0f-8248-d13d3a7d46f6",
"name": "elastic-agent-18300",
"ephemeral_id": "ea5725c7-abdf-4082-aa3f-38a44243aced",
"id": "bde1501c-c6c1-49fe-9125-c805f917c934",
"name": "elastic-agent-45073",
"type": "filebeat",
"version": "8.19.0"
},
"data_stream": {
"dataset": "abnormal_security.ai_security_mailbox_not_analyzed",
"namespace": "26882",
"namespace": "98484",
"type": "logs"
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "129fb3a1-34d7-4b0f-8248-d13d3a7d46f6",
"id": "bde1501c-c6c1-49fe-9125-c805f917c934",
"snapshot": false,
"version": "8.19.0"
},
Expand All @@ -253,7 +253,7 @@ An example event for `ai_security_mailbox_not_analyzed` looks as following:
],
"dataset": "abnormal_security.ai_security_mailbox_not_analyzed",
"id": "-1234567891234567891",
"ingested": "2025-09-16T10:25:44Z",
"ingested": "2025-10-30T07:35:02Z",
"kind": "event",
"original": "{\"abx_message_id\":-1234567891234567891,\"not_analyzed_reason\":\"PHISHING_SIMULATION\",\"recipient\":{\"email\":\"[email protected]\",\"name\":\"Phishing Test\"},\"reported_datetime\":\"2025-03-04T17:03:55Z\",\"reporter\":{\"email\":\"[email protected]\",\"name\":\"Info Test\"},\"subject\":\"Fwd: Forwarded email\"}",
"reason": "PHISHING_SIMULATION",
Expand Down
1 change: 1 addition & 0 deletions packages/aws_bedrock/data_stream/invocation/_dev/test/system/test-default-config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,6 @@ data_stream:
queue_url: '{{TF_OUTPUT_queue_url}}'
preserve_original_event: true
preserve_duplicate_custom_fields: true
file_selectors: []
assert:
hit_count: 348
30 changes: 17 additions & 13 deletions packages/aws_bedrock/data_stream/invocation/sample_event.json
View file
Open in desktop

Large diffs are not rendered by default.

3 changes: 1 addition & 2 deletions packages/crowdstrike/data_stream/fdr/_dev/test/policy/test-default.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ inputs:
streams:
- data_stream:
dataset: crowdstrike.fdr
type: logs
fields:
_conf:
enable_deduplication: false
Expand Down Expand Up @@ -83,7 +82,7 @@ inputs:
fields:
- crowdstrike
publisher_pipeline.disable_host: true
queue_url: null
queue_url: ""
sqs.notification_parsing_script.source: |
function parse(n) {
var m = JSON.parse(n);
Expand Down
1 change: 1 addition & 0 deletions packages/crowdstrike/data_stream/fdr/_dev/test/policy/test-default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,6 @@ vars:
token_url: http://host.tld/oauth2/token
data_stream:
vars:
queue_url: ""
preserve_original_event: true
preserve_duplicate_custom_fields: true
1 change: 1 addition & 0 deletions packages/nvidia_gpu/data_stream/stats/_dev/test/system/test-default-config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,6 @@ data_stream:
preserve_original_event: true
hosts:
- http://{{Hostname}}:{{Port}}/metrics
ssl: []
assert:
hit_count: 3
85 changes: 20 additions & 65 deletions packages/nvidia_gpu/data_stream/stats/sample_event.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,99 +1,54 @@
{
"@timestamp": "2025-06-24T05:16:10.082Z",
"@timestamp": "2025-10-30T09:18:05.475Z",
"agent": {
"ephemeral_id": "158b1ab5-1d8f-40df-a960-73d24cffa507",
"id": "c509a40e-38fb-4be5-8e70-ba382ce8eff0",
"name": "elastic-agent-58660",
"ephemeral_id": "54f22388-40a1-419e-91a1-206585ad0aa0",
"id": "74bc8c8b-cd00-4a4e-8457-41b9fc85489e",
"name": "elastic-agent-35074",
"type": "metricbeat",
"version": "8.17.0"
"version": "8.16.0"
},
"data_stream": {
"dataset": "nvidia_gpu.stats",
"namespace": "52265",
"namespace": "46457",
"type": "metrics"
},
"ecs": {
"version": "8.17.0"
},
"elastic_agent": {
"id": "c509a40e-38fb-4be5-8e70-ba382ce8eff0",
"id": "74bc8c8b-cd00-4a4e-8457-41b9fc85489e",
"snapshot": false,
"version": "8.17.0"
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "nvidia_gpu.stats",
"duration": 3737970,
"ingested": "2025-06-24T05:16:13Z",
"duration": 4476867,
"ingested": "2025-10-30T09:18:08Z",
"module": "prometheus"
},
"gpu": {
"clock": {
"mem_frequency": 405,
"streaming_multiprocessor_frequency": 300
},
"labels": {
"device": "nvidia0",
"driver_version": "525.105.17",
"gpu": "0",
"hostname": "924e17218b6f",
"job": "prometheus",
"model_name": "Tesla T4",
"pci_bus_id": "00000000:00:04.0",
"uuid": "GPU-2492e3fa-2252-1730-0d1a-8d12ab32cdf0"
},
"license_vgpu_status": 0,
"memory": {
"framebuffer": {
"free_size": 14923,
"used_size": 5
}
},
"nvlink": {
"bandwidth_total": 0
"job": "prometheus"
},
"pcie": {
"replay": 0
},
"power": {
"energy_consumption_total": 27649212030,
"usage": 12.239
},
"temperature": {
"gpu": 36,
"memory": 0
},
"utilization": {
"decoder": {
"pct": 0
},
"encoder": {
"pct": 0
},
"gpu": {
"pct": 0
},
"memory_copy": {
"pct": 0
}
}
"up": "1"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-58660",
"hostname": "elastic-agent-35074",
"ip": [
"172.18.0.7",
"192.168.32.2"
"192.168.251.5",
"192.168.252.2"
],
"mac": [
"A6-27-18-C5-0D-F0",
"EA-10-B8-A2-8C-94"
"02-42-C0-A8-FB-05",
"02-42-C0-A8-FC-02"
],
"name": "elastic-agent-58660",
"name": "elastic-agent-35074",
"os": {
"family": "",
"kernel": "5.15.153.1-microsoft-standard-WSL2",
"kernel": "3.10.0-1160.92.1.el7.x86_64",
"name": "Wolfi",
"platform": "wolfi",
"type": "linux",
Expand All @@ -111,4 +66,4 @@
"address": "http://svc-nvidia_gpu:9400/metrics",
"type": "prometheus"
}
}
}
83 changes: 19 additions & 64 deletions packages/nvidia_gpu/docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,101 +56,56 @@ An example event for `stats` looks as following:

```json
{
"@timestamp": "2025-06-24T05:16:10.082Z",
"@timestamp": "2025-10-30T09:18:05.475Z",
"agent": {
"ephemeral_id": "158b1ab5-1d8f-40df-a960-73d24cffa507",
"id": "c509a40e-38fb-4be5-8e70-ba382ce8eff0",
"name": "elastic-agent-58660",
"ephemeral_id": "54f22388-40a1-419e-91a1-206585ad0aa0",
"id": "74bc8c8b-cd00-4a4e-8457-41b9fc85489e",
"name": "elastic-agent-35074",
"type": "metricbeat",
"version": "8.17.0"
"version": "8.16.0"
},
"data_stream": {
"dataset": "nvidia_gpu.stats",
"namespace": "52265",
"namespace": "46457",
"type": "metrics"
},
"ecs": {
"version": "8.17.0"
},
"elastic_agent": {
"id": "c509a40e-38fb-4be5-8e70-ba382ce8eff0",
"id": "74bc8c8b-cd00-4a4e-8457-41b9fc85489e",
"snapshot": false,
"version": "8.17.0"
"version": "8.16.0"
},
"event": {
"agent_id_status": "verified",
"dataset": "nvidia_gpu.stats",
"duration": 3737970,
"ingested": "2025-06-24T05:16:13Z",
"duration": 4476867,
"ingested": "2025-10-30T09:18:08Z",
"module": "prometheus"
},
"gpu": {
"clock": {
"mem_frequency": 405,
"streaming_multiprocessor_frequency": 300
},
"labels": {
"device": "nvidia0",
"driver_version": "525.105.17",
"gpu": "0",
"hostname": "924e17218b6f",
"job": "prometheus",
"model_name": "Tesla T4",
"pci_bus_id": "00000000:00:04.0",
"uuid": "GPU-2492e3fa-2252-1730-0d1a-8d12ab32cdf0"
},
"license_vgpu_status": 0,
"memory": {
"framebuffer": {
"free_size": 14923,
"used_size": 5
}
},
"nvlink": {
"bandwidth_total": 0
"job": "prometheus"
},
"pcie": {
"replay": 0
},
"power": {
"energy_consumption_total": 27649212030,
"usage": 12.239
},
"temperature": {
"gpu": 36,
"memory": 0
},
"utilization": {
"decoder": {
"pct": 0
},
"encoder": {
"pct": 0
},
"gpu": {
"pct": 0
},
"memory_copy": {
"pct": 0
}
}
"up": "1"
},
"host": {
"architecture": "x86_64",
"containerized": true,
"hostname": "elastic-agent-58660",
"hostname": "elastic-agent-35074",
"ip": [
"172.18.0.7",
"192.168.32.2"
"192.168.251.5",
"192.168.252.2"
],
"mac": [
"A6-27-18-C5-0D-F0",
"EA-10-B8-A2-8C-94"
"02-42-C0-A8-FB-05",
"02-42-C0-A8-FC-02"
],
"name": "elastic-agent-58660",
"name": "elastic-agent-35074",
"os": {
"family": "",
"kernel": "5.15.153.1-microsoft-standard-WSL2",
"kernel": "3.10.0-1160.92.1.el7.x86_64",
"name": "Wolfi",
"platform": "wolfi",
"type": "linux",
Expand Down